Articles → MICROSOFT AZURE → Identity Protection In Microsoft Azure

Identity Protection In Microsoft Azure

In this article, we will discuss identity protection in Microsoft Azure.

What Is Identity Protection?

Identity protection in Azure is a tool to automate the detection and remediation of risk.

There are two categories of risks:

User risk - When the account credentials of the user are compromised then the risk comes under the user risk category.
Sign-in risk - When the request does not come from the authenticated user then the risk comes under the sign-in risk category. For example, if a request comes from one location and after 5 mins the request is coming from another location for the same identity, then this is a sign-in risk.

There are three different parameters while configuring the user risk or the sign-in risk.

Users - This parameter specifies whether the identity protection applies to the specific user or a group of users.
Risk level - What is the level of the risk. There are 3 levels of risk i.e., High, Medium and above, Low and above.
Action - What action should be taken when the risk is encountered.

For accessing the identity protection module, go to "Azure Active Directory" → "Security" → "Identity Protection".

For configuring the user risk policy, click on the "User risk policy" link (see the screenshot above). The first parameter is Users.

Click to Enlarge

Second parameter is risk level

Click to Enlarge

And the third parameter is action.

Click to Enlarge

Click on the "Save" button to save the changes. In the similar manner, you can configure a sign-in risk policy as well.

Query/Feedback